June 11 (Bloomberg) -- Data on almost 1,000 Canadian
government officials was stolen in the hacking of a Texas-based
intelligence firm in December, according to internal government
documents.

Almost 900 federal government workers and 109 provincial
government officials were affected when computers owned by
Strategic Forecasting Inc. were hacked, according to a memo by
the federal Public Safety department obtained by Bloomberg News
under Canada’s freedom-of-information law.

The hackers obtained the client list of the company also
known as Stratfor, and released personal information such as
emails, passwords, home and office addresses and credit-card
data, according to the Jan. 9 memo.

Canada is trying to bolster its defenses as countries
deploy increasingly advanced technology to disrupt their
enemies’ networks and gain access to trade secrets. Some of
Canada’s biggest companies, such as Potash Corp. of Saskatchewan
Inc. and Nortel Networks Corp., have been targeted.

Canadian officials have warned in internal documents that
cyber attacks pose a greater risk to Canada’s economic
prosperity than previously believed, and the country lacks the
tools to fight hackers.

The Canadian officials whose data was stolen in the
Stratfor attack had their finances and privacy put at risk,
according to the memo. They could also become “victims of
specific and targeted attacks,” the memo said.

Security Strategy

The government released a “cyber security strategy” in
October 2010, in which it pledged to better secure public-sector
computer systems. The Public Safety department established the
Canadian Cyber Incident Response Centre to coordinate the
federal response to “cyber security incidents” outside
government networks, with a focus on guarding key infrastructure
such as energy pipelines and power plants.

Canada was also hit by an international computer intrusion
scheme that was broken up in November by the Federal Bureau of
Investigation, according to a separate memo by the Public Safety
department.

The U.S. charged one Russian and six Estonians with using
malicious software to make millions of dollars by manipulating
the Internet searches of infected computers.

The attack compromised about 100,000 computers in Canada,
said a Dec. 28 memo by the Public Safety department. The systems
of 230 Canadian organizations were affected, including banks,
Internet service providers, and provincial and municipal
governments.

While most of the affected organizations were notified by
the government, they are not obligated to contact the owners or
operators of infected systems, the memo said.

There is a “high probability that some of the remaining
infected computers are being used in Canada’s critical
infrastructure sectors,” the memo said.